Robert,
We have in ONAP SECCOM already a work done in SBOMs.
Please check this Wiki: https://wiki.onap.org/display/DW/Software+Bill+of+Materials

If you would have any questions, please don't hesitate to come back to me. We may have a zoom session organized with leader for this topic.
Best regards




Paweł Pawlak | Product Owner | ONAP SECCOM Chair

M +48501501030

        




-----Wiadomość oryginalna-----
Od: lfn-securitywg@... <lfn-securitywg@...> W imieniu Robert Varga
Wysłano: wtorek, 9 listopada 2021 20:02
Do: LFN Security WG <lfn-securitywg@...>
Temat: [lfn-securitywg] Java SBOM requirements?

Hello everyone,

what is the LFN plan for SBOM use cases and baseline security requirements?

For OpenDaylight, this boils down to setting down a default policy that will do The Right Thing(tm) in odlparent. I would implement it in a heartbeat, except I am at a loss as to what exactly is it I should provide.

Thanks,
Robert